Integration Notes

Revelstoke + Panther Integration

Notify analysts and SOC teams when Revelstoke observes and responds to the root of an incident.

Below are the step-by-step instructions on how to connect Panther to Revelstoke and manage this integration.\\

How It Works

Revelstoke ingests alerts if suspicious activity is detected. A new alert in Panther will trigger the creation of an alert in Revelstoke. Revelstoke allows management of the Panther alert workflow.

Requirements

The Panther integration requires an admin role in order to authorize the account. If you are not an admin, please reach out to an admin or account owner within your organization to configure the integration for you.

Support

If you need any help getting the Panther integration up and running, please do not hesitate to reach out to us via email at info@revelstoke.io.

Integration Walkthrough

In Panther

Revelstoke integrates with Panther as a Custom API. To connect, you must generate an API Key.

  1. Settings > API Tokens > Create New Token

In Revelstoke

  1. In your Revelstoke instance, navigate to the integrations page
  2. Select Add Integration Instance
  1. Select the Panther integration
  • Enter the following required fields:
  • Base URL of API Platform
  • API Key
  • Results Limit
  • Click Save
  • To Remove Panther from Revelstoke
  • Select the Trash Can icon in the Integrations List
  • Select Yes, delete